urelas | 8755fc851d5006bac5a1e0d03b73987c190e75344b249fb7c077f092ae6bcbca | Triage

Sharing

General

Target

8755fc851d5006bac5a1e0d03b73987c190e75344b249fb7c077f092ae6bcbca.exe
Size

92KB
Sample

250125-rpx4bsxrbq
MD5

beef9ba4438bb5d66620432025cac4fc
SHA1

ce96f8d545b8896118552fcec55e618d259c90ca
SHA256

8755fc851d5006bac5a1e0d03b73987c190e75344b249fb7c077f092ae6bcbca
SHA512

f4562fae5663bdf1c4eba58d26d2d517820248e81e9f4606aefc13ed3a3eda30970d67a9576a59e5b1f9958fc0115dee55d40b68c829986d2678429c2b5df353
SSDEEP

1536:iDJj/L6UWX/iDdolO4g033dsA2+n1qn1iLdBG:iDJj29G4gItR7n1qn4LdM

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

- Target
  
  8755fc851d5006bac5a1e0d03b73987c190e75344b249fb7c077f092ae6bcbca.exe
- Size
  
  92KB
- MD5
  
  beef9ba4438bb5d66620432025cac4fc
- SHA1
  
  ce96f8d545b8896118552fcec55e618d259c90ca
- SHA256
  
  8755fc851d5006bac5a1e0d03b73987c190e75344b249fb7c077f092ae6bcbca
- SHA512
  
  f4562fae5663bdf1c4eba58d26d2d517820248e81e9f4606aefc13ed3a3eda30970d67a9576a59e5b1f9958fc0115dee55d40b68c829986d2678429c2b5df353
- SSDEEP
  
  1536:iDJj/L6UWX/iDdolO4g033dsA2+n1qn1iLdBG:iDJj29G4gItR7n1qn4LdM
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan